root
/
jenkins
mirror of https://github.com/jenkinsci/jenkins.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Prefer using the SHA of third party actions (#11154)

This commit is contained in:
Alexander Brandes 2025-10-04 22:11:58 +02:00 committed by GitHub
parent 443160f6c0
commit b1fe658d39
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/changelog.yml vendored
View File

@ -24,7 +24,7 @@ jobs:
# Drafts your next Release notes as Pull Requests are merged into "master" # Drafts your next Release notes as Pull Requests are merged into "master"
- name: Generate GitHub Release Draft - name: Generate GitHub Release Draft
id: release-drafter id: release-drafter
uses: release-drafter/release-drafter@v6 uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 # v6.1.0
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Generates a YAML changelog file using https://github.com/jenkinsci/jenkins-core-changelog-generator # Generates a YAML changelog file using https://github.com/jenkinsci/jenkins-core-changelog-generator
@ -44,7 +44,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: github.repository_owner == 'jenkinsci' if: github.repository_owner == 'jenkinsci'
steps: steps:
- uses: tibdex/github-app-token@v2 - uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
id: generate-token id: generate-token
with: with:
app_id: ${{ secrets.JENKINS_CHANGELOG_UPDATER_APP_ID }} app_id: ${{ secrets.JENKINS_CHANGELOG_UPDATER_APP_ID }}

2
.github/workflows/label-conflicting-pr.yml vendored
View File

@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Label conflicting PRs - name: Label conflicting PRs
uses: eps1lon/actions-label-merge-conflict@v3.0.3 uses: eps1lon/actions-label-merge-conflict@1df065ebe6e3310545d4f4c4e862e43bdca146f0 # v3.0.3
with: with:
dirtyLabel: "unresolved-merge-conflict" dirtyLabel: "unresolved-merge-conflict"
repoToken: "${{ secrets.GITHUB_TOKEN }}" repoToken: "${{ secrets.GITHUB_TOKEN }}"

2
.github/workflows/require-changelog-label.yml vendored
View File

@ -12,7 +12,7 @@ jobs:
issues: write issues: write
pull-requests: write pull-requests: write
steps: steps:
- uses: mheap/github-action-required-labels@8afbe8ae6ab7647d0c9f0cfa7c2f939650d22509 # v5 - uses: mheap/github-action-required-labels@fb29a14a076b0f74099f6198f77750e8fc236016 # v5.5.0
with: with:
mode: minimum mode: minimum
count: 1 count: 1

2
.github/workflows/run-since-updater.yml vendored
View File

@ -29,7 +29,7 @@ jobs:
id: run_script id: run_script
shell: bash shell: bash
- name: Create Pull Request - name: Create Pull Request
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7 uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
with: with:
token: ${{ secrets.GITHUB_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Fill in since annotations commit-message: Fill in since annotations